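<?php
//error_reporting(E_ERROR | E_WARNING | E_PARSE);
// Bootstrap for the JSON endpoint: open the session, load configuration and helpers, set response headers.
// The full "<?php" tag is used because the short "<?" form is only parsed when short_open_tag is enabled;
// with it disabled this whole block would be sent to the client as plain text instead of being executed.
session_start();
// require instead of include: the dispatch below cannot work without these two files, so a missing file
// stops the request here rather than letting it continue half-configured.
require('./inst.conf.php');
require('./functions.php');
header('Cache-Control: no-cache, must-revalidate');
header('Content-type: application/json');
// The JSON body carries HTML fragments; tell browsers not to sniff the response into another content type.
header('X-Content-Type-Options: nosniff');
?>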

[
	{

<?php
if (isset($_GET['KeepSessionAlive'])){
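	// Keep-alive poll: re-read the teacher's row so that a rename or a changed ADMIN flag reaches the client;
	// otherwise report a scheduled update (when ../update.php exists) or that nothing has changed.
	// LOGIN_ID is copied from DOCENT_ID at login; it is escaped anyway so the statement never depends on the
	// session contents being clean.
	$loginId = isset($_SESSION['LOGIN_ID']) ? (string)$_SESSION['LOGIN_ID'] : '';
	$result = mysql_query("SELECT * FROM `DOCENT` WHERE `DOCENT_ID` = '".mysql_real_escape_string($loginId)."'");
	$row = mysql_fetch_array($result);
	// NOTE(review): without a login, or when the row no longer exists, $row is not an array and the comparison
	// below can still answer "change" with an empty name. Whether the client relies on that is not visible here.
	$currentName = $row['VOORNAAM']." ".$row['TUSSENVOEGSEL']." ".$row['ACHTERNAAM'];
	if (($_SESSION['LOGIN_NAME'] <> $currentName) OR ($row['ADMIN'] <> $_SESSION['ADMIN'])){
		$_SESSION['LOGIN_NAME'] = $currentName;
		$_SESSION['ADMIN'] = $row['ADMIN'];
		$isAdmin = ($_SESSION['ADMIN'] == "1");
		// The name ends up inside a JSON string literal, so quotes and backslashes are escaped and control
		// characters blanked; a name containing '"' would otherwise break out of the value. json_encode() is
		// not used because it rejects non-UTF-8 input and the connection charset is not visible in this file.
		// NOTE(review): if the client inserts "userinfo" as HTML, the name also needs HTML-encoding - confirm.
		$jsonName = addcslashes(preg_replace('/[\x00-\x1F]/', ' ', $_SESSION['LOGIN_NAME']), "\"\\");
		echo '"status"   : "change",';
		echo '"userinfo" : "Aangemeld als: '.$jsonName.($isAdmin ? ' (Admin)' : '').'",';
		if ($isAdmin){
			echo '"usermenu"  : "<li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/admin/index.php\');\">Admin</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/user_settings.php\');\">Account</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"doJASON(\'afmelden\');\">Afmelden</a></li>",';
		}else{
			echo '"usermenu"  : "<li class=\"page_item current_page_item\"><a href=\"#\">Account</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"doJASON(\'afmelden\');\">Afmelden</a></li>",';
		}
		echo '"submenu"   : "",';
		echo '"container" : "",';
		echo '"containerLoad" : "",';
		echo '"changepassword"   : "false"';
	}else{
		if (file_exists('../update.php')){
			// update.php must define $update_time (compared with time() below) and $update_logout (echoed below).
			include('../update.php');
			$dateDiff    = $update_time - time();
			$fullDays    = floor($dateDiff/(60*60*24));
			$fullHours   = floor(($dateDiff-($fullDays*60*60*24))/(60*60));
			$fullMinutes = floor(($dateDiff-($fullDays*60*60*24)-($fullHours*60*60))/60);
			if($fullDays <= -1){
				// The announced time has already passed.
				$updateTextTime = "op dit moment wordt de site geupdate.";
				$updateTextTimeDone = "Voer tijdens het updaten geen acties uit...";
			}elseif($fullHours == '0'){
				if($fullMinutes == '0'){
					$updateTextTime = "op dit moment wordt de site geupdate.";
					$updateTextTimeDone = "Voer tijdens het updaten geen acties uit...";
				}else{
					$updateTextTime = "over $fullMinutes minuten wordt de site geupdate.";
					$updateTextTimeDone = "Sla uw werk op en kom over 1 uur en $fullMinutes minuten terug.";
				}
			}else{
				$updateTextTime = "over $fullHours uur en $fullMinutes minuten wordt de site geupdate.";
				$updateTextTimeDone = "Sla uw werk op en kom over ".($fullHours+1)." uur en $fullMinutes minuten terug.";
			}

			echo '"status"   : "update",';
			echo '"updateText"   : "'.$updateTextTime.' '.$updateTextTimeDone.'",';
			echo '"updateLoggoff"   : "'.$update_logout.'",';
			if($fullMinutes <= '0' || $fullDays < '0'){echo '"UpdateInProgress" : "true"';}else{echo '"UpdateInProgress" : "false"';}
		}else{
			echo '"status"   : "Noting has changed",';
			echo '"UpdateInProgress"   : "false"';
		}
	}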
	
	

}elseif (isset($_GET['IsLogedIn'])){
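	// Session probe: when the session carries login data, return the menus and the page to load.
	// Nothing is echoed for a visitor without a session, which leaves the surrounding JSON object empty.
	if (isset($_SESSION['LOGIN_USERNAME'] ) || isset( $_SESSION['LOGIN_PASSWORD'] )){
		$isAdmin = ($_SESSION['ADMIN'] == "1");
		// The name ends up inside a JSON string literal, so quotes and backslashes are escaped and control
		// characters blanked; a name containing '"' would otherwise break out of the value. json_encode() is
		// not used because it rejects non-UTF-8 input and the connection charset is not visible in this file.
		// NOTE(review): if the client inserts "userinfo" as HTML, the name also needs HTML-encoding - confirm.
		$jsonName = addcslashes(preg_replace('/[\x00-\x1F]/', ' ', $_SESSION['LOGIN_NAME']), "\"\\");
		echo '"status"   : "succes",';
		echo '"userinfo" : "Aangemeld als: '.$jsonName.($isAdmin ? ' (Admin)' : '').'",';
		if ($isAdmin){
			echo '"usermenu"  : "<li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/admin/index.php\');\">Admin</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/user_settings.php\');\">Account</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"doJASON(\'afmelden\');\">Afmelden</a></li>",';
		}else{
			echo '"usermenu"  : "<li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/user_settings.php\');\">Account</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"doJASON(\'afmelden\');\">Afmelden</a></li>",';
		}
		echo '"submenu"  : "<li class=\"cat-item cat-item-9\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/cijfer.php\');\" title=\"\">Cijfers invoeren</a></li><li class=\"cat-item cat-item-1\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/cirkel.php\');\" title=\"\">Gedragcirkel</a></li><li class=\"cat-item cat-item-9\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/extrawerk.php\');\" title=\"\">Extra</a></li><li class=\"cat-item cat-item-9\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/print.php\');\" title=\"\">Afdrukken</a></li>",';
		echo '"container" : "welkom" ,';
		// The requested page is only compared against a fixed value; it is never echoed or used as a path.
		$page = isset($_GET['page']) ? $_GET['page'] : '';
		if ($page <> ''){
			if ($page == "account"){echo '"containerLoad" : "./paginas/user_settings.php",';}
		}else{
			echo '"containerLoad" : "./paginas/cijfer.php",';
		}
		// LOGIN_IDLE is only ever written as "true" or "false" by this file.
		echo '"user_idle" : "'.(isset($_SESSION['LOGIN_IDLE']) ? $_SESSION['LOGIN_IDLE'] : '').'",';
		if (file_exists('../update.php')){
			// update.php must define $update_time, which is compared with time() below.
			include('../update.php');
			$dateDiff    = $update_time - time();
			$fullDays    = floor($dateDiff/(60*60*24));
			$fullHours   = floor(($dateDiff-($fullDays*60*60*24))/(60*60));
			$fullMinutes = floor(($dateDiff-($fullDays*60*60*24)-($fullHours*60*60))/60);

			if($fullMinutes <= '0' || $fullDays < '0'){echo '"UpdateInProgress" : "true"';}else{echo '"UpdateInProgress" : "false"';}
		}else{
			echo '"UpdateInProgress" : "false"';
		}
	}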

}elseif (isset($_GET['UserIsInActive'])){
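	// Idle lock: "true" marks the session as idle; any other value is an unlock attempt that must present
	// the account password again.
	if($_GET['UserIsInActive'] == "true"){
		$_SESSION['LOGIN_IDLE'] = "true";
		// The name ends up inside a JSON string literal, so quotes and backslashes are escaped and control
		// characters blanked. json_encode() is not used because it rejects non-UTF-8 input and the
		// connection charset is not visible in this file.
		$sessionName = isset($_SESSION['LOGIN_NAME']) ? $_SESSION['LOGIN_NAME'] : '';
		$jsonName = addcslashes(preg_replace('/[\x00-\x1F]/', ' ', $sessionName), "\"\\");
		echo '"status"    : "succes",';
		echo '"info"  : "Gebruiker is gemarkeerd als inactief",';
		echo '"UserName" : "'.$jsonName.'"';
	}else{
		// The stored value is an unsalted SHA-256 of the secure()-filtered password; that format has to be
		// reproduced here to match existing rows.
		// NOTE(review): a fast unsalted hash gives little protection if the table leaks; moving to
		// password_hash()/password_verify() needs a migration of the stored values. Nothing in this branch
		// limits the number of unlock attempts either.
		$WACHTWOORD= hash("sha256", secure(@$_POST['p']));
		// LOGIN_ID is copied from DOCENT_ID at login; it is escaped anyway so the statement never depends on
		// the session contents being clean.
		$loginId = isset($_SESSION['LOGIN_ID']) ? (string)$_SESSION['LOGIN_ID'] : '';
		$result = mysql_query("SELECT * FROM `DOCENT` WHERE `DOCENT_ID` = '".mysql_real_escape_string($loginId)."'");
		$row = mysql_fetch_array($result);
		$storedHash = is_array($row) ? (string)$row['WACHTWOORD'] : '';
		// Strict comparison: "==" compares numeric-looking strings as numbers and treats a missing row
		// (null) as equal to a failed hash. hash_equals() is used where the runtime provides it so the
		// comparison time does not depend on the position of the first differing character.
		$passwordMatches = false;
		if ($storedHash !== '' && is_string($WACHTWOORD)){
			$passwordMatches = function_exists('hash_equals') ? hash_equals($storedHash, $WACHTWOORD) : ($storedHash === $WACHTWOORD);
		}
		if ($passwordMatches){
			$_SESSION['LOGIN_IDLE'] = "false";
			echo '"status"   : "succes"';
		}else{
			echo '"status"   : "error",';
			echo '"errorTitle"   : "Toegang Geweigerd!",';
			echo '"errorText"   : "U heeft een onjuist wachtwoord opgegeven"';
		}
	}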


}elseif (isset($_GET['logoff'])){
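	// Log off: discard the session and return the anonymous start page (welcome text plus the login form,
	// or an "update in progress" notice when ../update.php exists).
	// session_destroy() alone removes the stored data but leaves $_SESSION filled for the rest of this request
	// and the session cookie in the browser, so both are cleared as well.
	$_SESSION = array();
	// This file has already written the opening "[ {" of the response before the dispatch runs, so the cookie
	// can only be expired when output buffering kept the headers unsent; otherwise this step is skipped
	// rather than raising a "headers already sent" warning into the JSON.
	if (ini_get('session.use_cookies') && !headers_sent()){
		$cookieParams = session_get_cookie_params();
		setcookie(session_name(), '', time() - 42000, $cookieParams['path'], $cookieParams['domain'], $cookieParams['secure'], $cookieParams['httponly']);
	}
	session_destroy();

	// The markup is embedded in a JSON string, hence the \\" sequences: they reach the client as \".
	$container = '<div id=\\"left-div\\"><div id=\\"left-inside\\"><div style=\\"clear: both;\\"></div><div style=\\"clear: both;\\"></div><div class=\\"home-post-wrap2\\"><h2 class=\\"titles\\">Welkom</h2><div style=\\"clear: both;\\"></div>Welkom op de Site waar de rapporten worden beheerd<div style=\\"clear: both;\\"></div></div> <!-- end .home-post-wrap2 --></div> <!-- end #left-inside --></div> <!-- end #left-div -->';
	$container .= '<div id=\\"sidebar\\"><div id=\\"search-3\\" class=\\"sidebar-box widget_search\\"><h2>Aanmelden</h2><div>';

	if (file_exists('../update.php')){
		// update.php must define $update_time, which is compared with time() below.
		include('../update.php');
		$dateDiff    = $update_time - time();
		$fullDays    = floor($dateDiff/(60*60*24));
		$fullHours   = floor(($dateDiff-($fullDays*60*60*24))/(60*60));
		$fullMinutes = floor(($dateDiff-($fullDays*60*60*24)-($fullHours*60*60))/60);
		if($fullDays <= -1){
			// The announced time has already passed.
			$updateTextTime = "op dit moment wordt de site geupdate.";
			$updateTextTimeDone= "1 uur";
		}elseif($fullHours == '0'){
			if($fullMinutes == '0'){
				$updateTextTime = "op dit moment wordt de site geupdate.";
				$updateTextTimeDone= "1 uur";
			}else{
				$updateTextTime = "over $fullMinutes minuten wordt de site geupdate.";
				$updateTextTimeDone= "1 uur en $fullMinutes minuten";
			}
		}else{
			$updateTextTime = "over $fullHours uur en $fullMinutes minuten wordt de site geupdate.";
			$updateTextTimeDone = ($fullHours+1)." uur en $fullMinutes minuten";
		}

		$container .= 'Aanmelden is op dit moment niet mogelijk:<br> '.$updateTextTime.'<br> Probeer het over '.$updateTextTimeDone.' nog eens...</div></div>';
	}else{
		if($cfg['general']['students_can_login']){
			$container .= "<select><option value='0'>ik ben een:</option><option value='1'>Docent</option><option value='2'>Leerling</option></select><br>";
		}
		$container .= '<input type=\\"text\\" value=\\"Gebruikersnaam\\" name=\\"gebruikersnaam\\" id=\\"gebruikersnaam\\" onkeypress=\\"{if (event.keyCode==13)if($(\'#wachtwoord\').val() == \'\' || $(\'#wachtwoord\').val() == \'Wachtwoord\'){$(\'#wachtwoord\').focus();}else{doJASON(\'aanmelden\');}}\\" style=\\"color:#CCC;\\" onfocus=\\"this.style.color=\'#000\';if (this.value == \'Gebruikersnaam\'){this.value =\'\';}\\" onblur=\\"if(this.value == \'\'){this.style.color=\'#CCC\';this.value =\'Gebruikersnaam\';}\\"/><br><div class=\\"but\\"><a href=\\"javascript:void(\'0\');\\" class=\\"positive\\" name=\\"inloggen\\" onclick=\\"doJASON(\'aanmelden\');\\"><img src=\\"./images/icon-signin.png\\"/>Aanmelden</a></div><input type=\\"password\\" value=\\"\\" name=\\"wachtwoord\\" id=\\"wachtwoord\\" onkeypress=\\"{if (event.keyCode==13)doJASON(\'aanmelden\')}\\"onblur=\\"if($(\'#wachtwoord\').val() == \'\'){$(\'#wachtwoord_text\').show();$(\'#wachtwoord\').hide();}\\" style=\\"display:none;\\" /><input type=\\"text\\" value=\\"Wachtwoord\\" name=\\"wachtwoord\\" id=\\"wachtwoord_text\\" onfocus=\\"$(\'#wachtwoord_text\').hide();$(\'#wachtwoord\').show();$(\'#wachtwoord\').focus();\\" style=\\"color:#CCC;\\"/><br><a href=\\"javascript:void(\'0\');\\" onclick=\\"showwwVergeten_Message();\\">Wachtwoord vergeten?</a></div></form></div>';
	}
	$container .= '<div id=\\"text-3\\" class=\\"sidebar-box widget_text\\"><h2>Adres</h2><div class=\\"textwidget\\"><p>CBS Groenhorst<br />De Meent 3<br />3833 EA Leusden<br />Tel. 033 - 4943175</p></div></div> <!-- end #sidebar -->';
	echo '"status"    : "succes",';
	echo '"userinfo"  : "U bent niet aangemeld..." ,';
	echo '"usermenu"  : "<li></li>",';
	echo '"submenu"   : "<li></li>",';
	echo '"container" : "'.$container.'"';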

//, function(response, status, xhr) {if (status == \'error\') {$.notify({text: \'Er is helaas iets mis gegaan:<br>\'+ xhr.status + \' \' + xhr.statusText, title:\'Fout\', icon:\'images/dialog-error.png\'});}});

}elseif (isset($_GET['LostPassword'])){
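	// Password-reset request: the e-mail address (e) and the username (g) must both be posted as plain strings.
	if (isset($_POST['e']) and isset($_POST['g']) and is_string($_POST['e']) and is_string($_POST['g'])){
		// Check whether this username / e-mail pair exists in the database. Both values come straight from
		// the request, so they are escaped before being placed in the statement; unescaped they allowed
		// SQL injection from an unauthenticated visitor.
		$result = mysql_query("SELECT * FROM `DOCENT` WHERE `GEBRUIKERSNAAM` = '".mysql_real_escape_string($_POST['g'])."' AND `E_MAIL_ADRES` = '".mysql_real_escape_string($_POST['e'])."'");
		$row = mysql_fetch_array($result);
		if (is_array($row)){
			$dateDiff    = time() - strtotime($row['SECURE_CODE_TIMESTAMP']);
			$fullDays    = floor($dateDiff/(60*60*24));
			// A new code is issued when none is stored or the stored one is not from the last 24 hours.
			if($row['SECURE_CODE'] == '' || $fullDays <> 0){
				// The Host header is chosen by the client and ends up in the links of the reset mail.
				// Anything that is not a plain host[:port] is replaced by the server's own name.
				// NOTE(review): a syntactically valid but foreign host still passes this check; the base URL
				// should come from configuration - no such setting is visible in this file.
				$mailHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
				if (!preg_match('/^[A-Za-z0-9.-]+(:[0-9]{1,5})?$/', $mailHost)){
					$mailHost = $_SERVER['SERVER_NAME'];
				}
				$this_Path= "http://".$mailHost.substr( $_SERVER['SCRIPT_NAME'], 0, (strrpos($_SERVER['SCRIPT_NAME'],"/")+1)) . "mail/";
				$myFile = "./mail/Nieuw_wachtwoord.html";
				// file_get_contents() returns false when the template cannot be read; the previous
				// fopen()/fread() pair went on with an invalid handle in that case.
				$theData = file_get_contents($myFile);

				$mailSent = false;
				if ($theData !== false){
					// NOTE(review): generatePassword() is defined outside this file; the code and the password
					// are only as unpredictable as its random source - confirm it uses a CSPRNG.
					$code = generatePassword(6);
					$newPassword = generatePassword(16);
					// Only the hash of the code is stored. NOTE(review): an unsalted SHA-256 of a 6-character
					// code is cheap to brute-force if the table leaks.
					mysql_query("UPDATE `DOCENT` SET `SECURE_CODE` = '".hash("sha256", $code)."',`SECURE_CODE_TIMESTAMP` = '".date('Y-m-d H:i:s')."' WHERE `DOCENT_ID` ='".mysql_real_escape_string((string)$row['DOCENT_ID'])."'");
					// Fill the template placeholders, applied in the listed order. The new password is mailed
					// in clear text; where it is activated is not visible in this file.
					$theData = str_replace(
						array("%pathtofile%", "%date%", "%name%", "%code%", "%password%", "%hash1%", "%hash2%", "%disclaimer%"),
						array(
							$this_Path,
							date('d ').$cfg['general']['maand_naam'][(int)date('m')].date(' Y H:i'),
							$row['VOORNAAM'],
							$code,
							$newPassword,
							hash("sha256", $newPassword),
							hash("sha256", $code),
							$cfg['mail']['disclaimer']
						),
						$theData
					);

					// The recipient is the address stored for the account, not the posted one.
					$to = $row['E_MAIL_ADRES'];
					$subject = 'Nieuw wachtwoord!';

					$headers = "From: ".$cfg['mail']['from']."\r\n";
					$headers .= "Reply-To: ".$cfg['mail']['reply_to']."\r\n";
					$headers .= "MIME-Version: 1.0\r\n";
					$headers .= "Content-Type: text/html; charset=UTF-8\r\n";
					$mailSent = mail($to, $subject, $theData, $headers);
				}

				if ($mailSent){
					echo '"status"   : "succes",';
					echo '"text"     : "Het nieuwe wachtwoord is naar u verzonden!"';
				}else{
					// Previously a failed mail() left the JSON object empty, without any status for the client.
					echo '"status"   : "error",';
					echo '"errorTitle"   : "Er ging iets mis!",';
					echo '"errorText"   : "De e-mail kon niet worden verzonden. Probeer het later opnieuw."';
				}
			}else{
				echo '"status"   : "alaangevraagt",';
				echo '"Text"   : "<span style=\'color:#F00;\'>u heeft al een nieuw wachtwoord aangevraagt. kijk ook in uw spam folder. heeft u geen mail ontvangen? neem dan contact op met een van de administrator\'s</span>"';
			}
		}else{
			echo '"status"   : "error",';
			echo '"errorTitle"   : "Heelaas!",';
			echo '"errorText"   : "De door u ingevulde gegevens corresponderen niet met de gegevens in de database."';
		}
	}else{
		echo '"status"   : "error",';
		echo '"errorTitle"   : "Er ging iets mis!",';
		echo '"errorText"   : "Er heeft zich een fout voorgedaan.. ververs de pagona en probeer het opnieuw."';
	}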

}else{
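	// Login: look up the teacher by username and password hash, then fill the session and return the menus.
	// NOTE(review): secure() is defined outside this file. The username is interpolated into the statement
	// below, so the query is only injection-safe if secure() escapes for MySQL - confirm. No second escape
	// is added here because double escaping would stop names containing quotes from matching.
	$GEBRUIKERSNAAM= secure(@$_POST['u']);
	// The stored value is an unsalted SHA-256 of the secure()-filtered password; that format has to be
	// reproduced here to match existing rows.
	// NOTE(review): moving to password_hash()/password_verify() needs a migration of the stored values.
	$WACHTWOORD= hash("sha256", secure(@$_POST['p']));
	$result = mysql_query("SELECT * FROM `DOCENT` WHERE `GEBRUIKERSNAAM` = '$GEBRUIKERSNAAM' AND `WACHTWOORD` = '$WACHTWOORD'");
	$row = mysql_fetch_array($result);
	// Explicit test for "a row with a username came back". The previous (!$x == "") form parsed as
	// (!$x) == "" and therefore refused a valid account whose username is "0".
	if (is_array($row) && (string)$row['GEBRUIKERSNAAM'] !== ''){
		// Issue a fresh session id on login so an id that was known before authentication cannot be reused.
		// This file has already written the opening "[ {" of the response before the dispatch runs, so this
		// only takes effect when output buffering kept the headers unsent; otherwise it is skipped rather
		// than raising a "headers already sent" warning into the JSON.
		if (!headers_sent()){
			session_regenerate_id(true);
		}
		$_SESSION['LOGIN_ID'] = $row['DOCENT_ID'];
		// A successful login invalidates any outstanding password-reset code.
		mysql_query("UPDATE `DOCENT` SET `SECURE_CODE` = '', `SECURE_CODE_TIMESTAMP` = '' WHERE `DOCENT_ID` ='".mysql_real_escape_string((string)$row['DOCENT_ID'])."'");
		$_SESSION['LOGIN_USERNAME'] = $row['GEBRUIKERSNAAM'];
		// NOTE(review): the password hash is kept in the session. The IsLogedIn check in this file tests
		// for it with isset(); whether other pages read it is not visible here, so it is left in place.
		$_SESSION['LOGIN_PASSWORD'] = $row['WACHTWOORD'];
		$_SESSION['LOGIN_NAME'] = $row['VOORNAAM']." ".$row['TUSSENVOEGSEL']." ".$row['ACHTERNAAM'];
		$_SESSION['ADMIN'] = $row['ADMIN'];
		$isAdmin = ($_SESSION['ADMIN'] == "1");
		// The name ends up inside a JSON string literal, so quotes and backslashes are escaped and control
		// characters blanked; a name containing '"' would otherwise break out of the value. json_encode() is
		// not used because it rejects non-UTF-8 input and the connection charset is not visible in this file.
		// NOTE(review): if the client inserts "userinfo" as HTML, the name also needs HTML-encoding - confirm.
		$jsonName = addcslashes(preg_replace('/[\x00-\x1F]/', ' ', $_SESSION['LOGIN_NAME']), "\"\\");
		echo '"status"   : "succes",';
		echo '"userinfo" : "Aangemeld als: '.$jsonName.($isAdmin ? ' (Admin)' : '').'",';
		if ($isAdmin){
			echo '"usermenu"  : "<li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/admin/index.php\');\">Admin</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/user_settings.php\');\">Account</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"doJASON(\'afmelden\');\">Afmelden</a></li>",';
		}else{
			echo '"usermenu"  : "<li class=\"page_item current_page_item\"><a href=\"#\">Account</a></li><li class=\"page_item current_page_item\"><a href=\"javascript:void(\'0\');\" onclick=\"doJASON(\'afmelden\');\">Afmelden</a></li>",';
		}
		echo '"submenu"  : "<li class=\"cat-item cat-item-9\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/cijfer.php\');\" title=\"\">Cijfers invoeren</a></li><li class=\"cat-item cat-item-1\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/cirkel.php\');\" title=\"\">Gedragcirkel</a></li><li class=\"cat-item cat-item-9\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/extrawerk.php\');\" title=\"\">Werkstukken / Boekverslagen / Extra Werk</a></li><li class=\"cat-item cat-item-9\"><a href=\"javascript:void(\'0\');\" onclick=\"LoadContend(\'container\', \'./paginas/print.php\');\" title=\"\">Afdrukken</a></li>",';
		echo '"container" : "welkom" ,';
		echo '"containerLoad" : "./paginas/cijfer.php"';

	}else{
		// One message for "unknown user" and "wrong password", so the reply does not reveal which it was.
		echo '"status"   : "error",';
		echo '"errorTitle"   : "Toegang Geweigerd!",';
		echo '"errorText"   : "U heeft een onjuiste gebruikersnaam en of wachtwoord opgegeven"';
	}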
	} 
?>

	}

]